예제 #1
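        /// <summary>
        /// Checks for the authorization of a given item (Task/Operation) for a user.
        /// The default values for store, application and connection come from .config settings. User information will default
        /// to Thread.CurrentPrincipal.Identity
        /// </summary>
        /// <remarks>
        /// Fails closed: when the current principal carries no <c>UserIdentity</c>, or the storage lookup
        /// returns no user for that name, the method returns <c>false</c> instead of surfacing an
        /// <see cref="InvalidCastException"/> or <see cref="NullReferenceException"/> from inside an access check.
        /// <c>Deny</c> and <c>Neutral</c> are both reported as not authorized.
        /// </remarks>
        /// <param name="item">Name of the Task/Operation</param>
        /// <returns>
        /// <c>true</c> only when the check yields <c>Allow</c> or <c>AllowWithDelegation</c>; otherwise <c>false</c>.
        /// </returns>
        public bool IsAuthorized(string item)
        {
            // Resolve the caller from the thread principal without assuming its concrete type;
            // an absent principal or a foreign identity type is treated as "not authorized".
            var principal = Thread.CurrentPrincipal;
            UserIdentity user = principal == null ? null : principal.Identity as UserIdentity;
            if (user == null)
            {
                return false;
            }

            // NOTE(review): whether GetDBUser returns null or throws for an unknown name is not
            // visible here; the null guard keeps the result a denial in the former case.
            var dbUser = cache.Storage.GetDBUser(user.Name);
            if (dbUser == null)
            {
                return false;
            }

            // NOTE(review): the evaluation time is the local clock (DateTime.Now); confirm that
            // the validity periods kept in the store use the same convention.
            var authorization = cache.CheckAccess(StoreName, Application, item, dbUser.CustomSid.ToString(), DateTime.Now, false);

            // Explicit allow-list of outcomes: anything else (Deny, Neutral, future values) is a denial.
            return authorization == AuthorizationType.Allow
                || authorization == AuthorizationType.AllowWithDelegation;
        }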
예제 #2
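        /// <summary>
        /// Runs a check-access test for the item named by the node's text, appends the outcome and the
        /// elapsed time to <c>txtDetails</c>, rewrites the node text to carry the result, and then repeats
        /// the test for every child node.
        /// </summary>
        /// <remarks>
        /// The check goes through <c>_UserPermissionCache</c>, <c>_StorageCache</c> or <c>_Storage</c>
        /// depending on which check box is ticked; a missing cache is built on first use and its build
        /// time is logged. A failure during the check is logged with its message and the node is labelled
        /// with an error text rather than an authorization result.
        /// </remarks>
        /// <param name="tn">
        /// Node whose <c>Tag</c> holds an <c>ItemType</c> and whose <c>Text</c> is passed as the item name.
        /// </param>
        private void CheckNodeAccess(TreeNode tn)
        {
            // Human-readable item kind for the log line; unknown kinds stay empty.
            string sItemType;
            switch ((ItemType)tn.Tag)
            {
                case ItemType.Role:
                    sItemType = "Role";
                    break;

                case ItemType.Task:
                    sItemType = "Task";
                    break;

                case ItemType.Operation:
                    sItemType = "Operation";
                    break;

                default:
                    sItemType = String.Empty;
                    break;
            }

            AuthorizationType auth        = AuthorizationType.Neutral;
            string            sAuth       = String.Empty;
            DateTime          chkStart    = DateTime.Now;
            TimeSpan          elapsedTime = TimeSpan.Zero;
            List <KeyValuePair <string, string> > attributes = null;

            // Build the selected cache once; later nodes reuse the instance.
            if (chkUserPermisisonCache.Checked && _UserPermissionCache == null)
            {
                txtDetails.Text     += "Building UserPermissionCache ... " + Environment.NewLine;
                _UserPermissionCache = new UserPermissionCache(_Storage, _Store.Name, _Application.Name, _DbUser, true, false);
                elapsedTime          = DateTime.Now.Subtract(chkStart);
                txtDetails.Text     += String.Format("[{0} mls.]\r\n", elapsedTime.TotalMilliseconds) + Environment.NewLine;
            }
            else if (chkStorageCache.Checked && _StorageCache == null)
            {
                txtDetails.Text += "Building StorageCache ... " + Environment.NewLine;
                _StorageCache    = new StorageCache(_Storage.ConnectionString);
                _StorageCache.BuildStorageCache(_Store.Name, _Application.Name);
                elapsedTime      = DateTime.Now.Subtract(chkStart);
                txtDetails.Text += String.Format("[{0} mls.]\r\n", elapsedTime.TotalMilliseconds) + Environment.NewLine;
            }

            // Restart the clock so the reported time covers the check only, not the cache build.
            chkStart         = DateTime.Now;
            elapsedTime      = TimeSpan.Zero;
            txtDetails.Text += String.Format("{0} {1} '{2}' ... ", "Check Access Test on", sItemType, tn.Text);

            try
            {
                // Evaluation time for the check: the "valid for" box when filled in, else now.
                // Convert.ToDateTime parses with the current culture and throws on bad input,
                // which the catch below reports against this node.
                DateTime validFor = String.IsNullOrEmpty(txtValidFor.Text)
                    ? DateTime.Now
                    : Convert.ToDateTime(txtValidFor.Text);

                if (chkUserPermisisonCache.Checked)
                {
                    auth = _UserPermissionCache.CheckAccess(tn.Text, validFor, out attributes);
                }
                else if (this.chkStorageCache.Checked)
                {
                    auth = _StorageCache.CheckAccess(
                        _Store.Name,
                        _Application.Name,
                        tn.Text, _DbUser.CustomSid.StringValue,
                        validFor,
                        false,
                        out attributes);
                }
                else
                {
                    auth = _Storage.CheckAccess(
                        _Store.Name,
                        _Application.Name,
                        tn.Text, _DbUser,
                        validFor,
                        false,
                        out attributes);
                }

                elapsedTime = DateTime.Now.Subtract(chkStart);

                // Any value without a label of its own is shown as "Neutral", never as an allow.
                switch (auth)
                {
                    case AuthorizationType.AllowWithDelegation:
                        sAuth = "Allow with Delegation";
                        break;

                    case AuthorizationType.Allow:
                        sAuth = "Allow";
                        break;

                    case AuthorizationType.Deny:
                        sAuth = "Deny";
                        break;

                    default:
                        sAuth = "Neutral";
                        break;
                }

                txtDetails.Text += String.Format("{0} [{1} mls.]", sAuth, elapsedTime.TotalMilliseconds) + Environment.NewLine;
                if (attributes != null && attributes.Count > 0)
                {
                    txtDetails.Text += String.Format(" {0} attribute(s) found:", attributes.Count) + Environment.NewLine;
                    int attributeIndex = 0;
                    foreach (KeyValuePair <string, string> attr in attributes)
                    {
                        txtDetails.Text += String.Format("  {0}) Key: {1} Value: {2}", ++attributeIndex, attr.Key, attr.Value) + Environment.NewLine;
                    }
                }
            }
            catch (Exception ex)
            {
                // Deliberate best-effort: one failing node must not stop the walk over the tree.
                // The elapsed time is measured here as well, so the error line does not report
                // the zero it was reset to before the check.
                elapsedTime      = DateTime.Now.Subtract(chkStart);
                sAuth            = "Check Access Test Error";
                txtDetails.Text += String.Format("{0} [{1} mls.]", ex.Message, elapsedTime.TotalMilliseconds) + Environment.NewLine;
            }

            // NOTE(review): tn.Text is both the item name sent to CheckAccess and the label rewritten
            // here; a second pass over the same nodes would send the suffixed label as the item name
            // unless the caller restores the text first. Confirm against the caller.
            // Invariant upper-casing keeps the label identical under every UI culture.
            tn.Text = String.Format("{0} - ({1})", tn.Text, sAuth.ToUpperInvariant());

            foreach (TreeNode tnChild in tn.Nodes)
            {
                CheckNodeAccess(tnChild);
            }
        }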